55 4 Certain commercial equipment, materials, and software are sometimes identified to specify technical aspects of the reported procedures and results. In no case does such identification imply recommendations or endorsement by the U.S. Government, its departments, or its agencies; nor does it imply that the equipment, materials, and software identified are the best available for this purpose.

58 7 79 MHz Bluetooth hops through 79 channels Each channel is 1 MHz wide A piconet hops 1600 times per second

59 8 Clocks Every Bluetooth device has a clock Clocks increment 3200 times per second Hops happen every other clock cycle The master device dictates the clock of the piconet Subordinate devices keep track of their clocks' offset from the master's

86 35 Sampling 3 MHz One of the fundamental tools of digital signal processing (DSP) is the sampling of analog signals. While there are some DSP applications that are entirely digital, most DSP systems include both analog and digital components. For example, the sound card on your computer can receive an analog signal from a microphone and sample it to produce a digital signal. It can also convert a digital signal into an analog signal destined for speakers. Software radio systems operate in essentially the same way but with antennas instead of microphones and speakers. Digital sampling is the very simple process of measuring the value of something at many discrete moments over time, usually at regular intervals. If you measure the rainfall at your home every day, you are acting as a digital sampler; nature provides the analog signal (the rainfall that varies continuously over time), and you convert it by periodic sampling into a digital signal (a sequence of discrete values). Your sound card and microphone measure variations in air pressure, but, instead of sampling at a rate of one sample per day, they sample at perhaps 48 thousand samples per second. The USRP2 we use for Bluetooth monitoring samples radio signals at a rate of 100 million samples per second. Let's say we have an ADC (Analog to Digital Converter) that samples at a rate of 8 million samples per second (Msps). If a pure sine wave (the blue analog signal) comes along with a frequency of 3 MHz (3 million cycles per second), our sampler will produce a stream of digital values like so (the red dots). 3 MHz is 3/8 of our sample rate, so there are 8 samples taken every 3 periods of the analog signal. We can clearly see that the digital (red) signal repeats itself every 8 samples, and, even without the blue line present, it isn't hard to envision the 3 MHz analog signal that the red sequence represents (with a period of 2.67 samples). So now we have a way (the red dots) to digitally represent a pure sine wave with a frequency of 3 MHz. If an analog signal were to arrive with a frequency of 3.2 MHz, the resultant digital signal would certainly be distinct from this one (although the difference might not be apparent for the first few samples).

87 36 Sampling 5 MHz Now suppose that a 5 MHz analog signal comes along (the dashed green line). Our 8 Msps sampler converts the analog signal into a digital signal like so (the red dots). Since 5 MHz is 5/8 of our sample rate, there are 8 samples taken every 5 periods of the analog signal. The digital signal once again clearly repeats itself every 8 samples. This sequence of values (the red dots) can be thought of as a digital representation of a 5 MHz sine wave. The sequence is distinct from those that represent other nearby frequencies such as 5.2 MHz. You might notice, however, that the digital sequence that represents a 5 MHz sine wave looks familiar. It is the same sequence that represents a 3 MHz sine wave!

88 37 Aliases In the analog domain, a 3 MHz signal is quite distinct from a 5 MHz signal, but, in the digital domain, the two are indistinguishable (with a sample rate of 8 Msps). If you take the time to draw a sine wave with a frequency of 11 MHz (you'll need a finer pen and steadier hand than mine), you'll find that it, too, passes through the same red dots. In fact, the set of frequencies that share these points is infinite and includes 3, 5, 11, 13, 19, 21, 27, 29, and 36 MHz and so forth. These frequencies are all 3 MHz away from integer multiples of the sample rate (8 Msps). Our digital sequence (the red dots) exhibits ambiguous frequency. In the analog domain, this would be weird, but, in the digital domain, it is completely normal. Every digital sequence can be thought of as a set of ambiguous frequency components. There is no such thing as a digital signal with a single frequency because every frequency component is really an infinite set of frequencies. The frequencies aren't completely ambiguous, however. (A 3.2 MHz signal can be distinguished from a 3 MHz signal.) They are only ambiguous with respect to integer multiples of the sample rate. This is the basis of the Nyquist sampling theorem. One way to state the theorem is that, in order to unambiguously represent an analog signal in the digital domain, you have to sample at a rate that is at least twice the frequency of your analog signal of interest. In other words, our 8 MHz sampler is only able to unambiguously represent signals with frequencies lower than 4 MHz. (A 4.1 MHz signal would be indistinguishable from a 3.9 MHz signal, and a 6.2 MHz signal would be indistinguishable from 1.8 MHz.) If we were comfortably above the Nyquist limit, that is, if our signal of interest were well below 4 MHz, we might run into trouble if a neighboring signal between 4 and 8 MHz showed up. In the analog domain, the neighboring signal wouldn't interfere with our signal below 4 MHz. In the digital domain, however, we might detect a 5 MHz signal, and it would directly interfere with a 3 MHz signal. Because of the ambiguity in the digital domain, the 5 MHz signal would be indistinguishable from a 3 MHz signal. When a 5 MHz analog signal produces an apparent 3 MHz signal in the digital domain, we call the apparent 3 MHz signal an "alias" of the 5 MHz signal. The signal has an infinite number of aliases at 3 MHz, 11, 13, 19, 21, and so forth. This phenomenon of "aliasing" is usually considered a problem to be avoided, typically by filtering in the analog domain prior to sampling.

89 38 If our signal of interest is entirely below 4 MHz, then we can use an analog "anti-aliasing" filter that filters out all frequencies above 4 MHz, allowing only lower frequencies to pass through (a low-pass filter) to the ADC. By using this anti-aliasing filter before sampling, we can effectively eliminate any ambiguity in the digital domain. If we detect a digital frequency component at 3 MHz, we can be certain that there really was a 3 MHz analog signal and that we are not seeing an alias of an analog signal at 5 MHz or higher. In this way we are able to eliminate interference from analog signals above 4 MHz.

90 39 Band-Pass Sampling Now let's suppose that we would like to sample an analog signal of interest between 4 and 8 MHz. As long as the signal does not contain frequency components beyond these boundaries, we should be able to sample it with our 8 Msps ADC. In the digital domain, our signal is indistinguishable from signals in the 0 to 4 MHz range, the 8 to 12 MHz range, and so forth, but frequencies between 4 and 8 MHz are distinguishable from each other. To ensure that we receive only those signals that are between 4 and 8 MHz, we can use an anti-aliasing filter that filters out frequencies below 4 MHz as well as those above 8 MHz (a band-pass filter). Because the analog signal arriving at the ADC is limited by such a filter, this technique is called bandpass sampling. We can band-pass sample signals in any 4 MHz wide range bordered by an integer multiple of the sample rate (4 to 8 MHz,8 to 12 MHz, 12 to 16 MHz, and so on), but at some point there is an absolute maximum due to the limited precision of our ADC timing. A more general statement of the Nyquist sampling theorem that allows for band-pass sampling is this: In order to unambiguously represent an analog signal in the digital domain, you have to sample at a rate that is at least twice the bandwidth of your analog signal of interest. Bandwidth is a measure of the range of frequency components of a signal. A signal that fits between 4 and 8 MHz has a bandwidth of no more than 4 MHz, therefore it can be sampled by an ADC operating at a sample rate of at least 8 Msps.

91 40 Frequency Hopping Bluetooth is a frequency hopping system. At any given moment, a Bluetooth piconet uses a single channel with a bandwidth of 1 MHz, but the network switches among many different channels (adjacent 1 MHz bands) 1600 times per second. A normal Bluetooth system uses 79 channels at frequencies of 2402 MHz through 2480 MHz, but let's suppose we wanted to monitor an unusual Bluetooth piconet that uses only 8 channels at much lower frequencies between 0 and 8 MHz (channel one is centered at 0.5 MHz, channel 2 at 1.5 MHz, and so forth). If we only wanted to monitor channels 1 through 4, we could use a low-pass anti-aliasing filter. To monitor channels 5 through 8, however, we would need a band-pass anti-aliasing filter. Nyquist says that we can only monitor one of these two sets of channels at a time.

92 41 Aliased Frequency Hopping Without filtering the two ranges from each other, our 8 Msps sampler would fail to distinguish channel 1 from channel 8, channel 2 from channel 7, and so forth. If a transmission on channel 1 occurs at the same time as a transmission on channel 8, they would interfere with each other in the digital domain. Lucky for us, a Bluetooth piconet never transmits on more than one channel at a time! If we are willing to live with the fact that we can't distinguish certain channels from one another, there is nothing stopping us from monitoring all 8 channels with our 8 Msps ADC. We just need a double wide anti-aliasing filter, a low-pass filter at 8 MHz. Although they are usually thought of as things to be avoided, aliases can be our friends. When we monitor channel 1 with this system, we sometimes receive frames transmitted on channel 1 and sometimes receive aliases of frames transmitted on channel 8. We can't tell them apart, but they should never interfere with each other.

93 42 Aliases, Aliases, and More Aliases We could go crazy and extend this idea further. If our ADC only operates at 4 Msps, we could use the same technique (with a low-pass filter at 8 MHz) and double up our aliased channels a second time. Imagine folding a piece of paper over on itself once and then folding it over a second time. Channels 1, 4, 5, and 8 would all be aliased on top of each other (and thus indistinguishable from one another), and Channels 2, 3, 6, and 7 would be aliased on top of each other as well. Our monitoring software would lose even more information about which channel is which, but it would only have to monitor two channels in the digital domain. The ultimate extension of this technique would be to cut the sample rate in half yet again. If we operate our ADC at 2 Msps (retaining the 8 MHz low-pass anti-aliasing filter), all 8 channels would be aliased on top of each other, and our monitoring system would see them all as one channel in the digital domain.

94 43

95 44 The Good (more channels), the Bad (more noise), and the Ugly (more interference) There is a reason not to use the aliasing technique any more than we have to, however. Every time we increase the number of overlapping aliases, we double up the bad along with the good. If there is interference, say from an network, on a particular channel, the aliases of the interfering signal can affect multiple channels in the digital domain. In the extreme case, if we alias all Bluetooth channels onto a single digital channel, it only takes one interferer on any single channel to ruin our ability to receive transmissions on every channel (which is exactly the situation that frequency hopping is intended to avoid). The 2.4 GHz ISM band tends to be busy, so this problem is very likely. Even without the presence of interference, each alias adds more background noise, reducing our signal to noise ratio, thereby increasing the likelihood of decoding errors. If we want to maximize our ability to correctly decode Bluetooth transmissions, especially if we want to monitor more than one piconet at once, we should use the aliasing technique as little as possible.

96 45 Our Method This example of an 8 channel Bluetooth piconet is a simplified version of our real world challenge. Our goal is to monitor 79 channels operating at a much higher frequency. Our principal limitation is that our fastest software radio system, the USRP2, is capable of delivering a maximum bandwidth of 25 MHz to the host computer. That means that our software can see only 25 out of 79 channels unambiguously. By configuring the USRP2 to alias four 25 MHz bands on top of each other, however, we can deliver all 79 channels to the host computer with each of the 25 distinct channels in the digital domain carrying 3 or 4 aliased channels from the analog domain. This requires two modifications:

97 46 The RFX2400 daughterboard is modified by removing the 20 MHz analog anti-aliasing filter from the receive path.

98 47 The USRP2 FPGA code is modified by zeroing some coefficients in the halfband decimators (only effective when using a decimation rate of 4).

A LOW-COST SOFTWARE-DEFINED TELEMETRY RECEIVER Michael Don U.S. Army Research Laboratory Aberdeen Proving Grounds, MD ABSTRACT The Army Research Laboratories has developed a PCM/FM telemetry receiver using

Wireless Communication Systems: Implementation perspective Course aims To provide an introduction to wireless communications models with an emphasis on real-life systems To investigate a major wireless

ECEn 487 Digital Signal Processing Laboratory Lab 3 FFT based Spectrum Analyzer Due Dates This is a three week lab. All TA check off must be completed prior to the beginning of class on the lab book submission

CHAPTER 3 SAMPLING AND RECONSTRUCTING SIGNALS Many DSP applications begin with analog signals. In order to process these analog signals, the signals must first be sampled and converted to digital signals.

Chapter 5 Window Functions 5.1 Introduction As discussed in section (3.7.5), the DTFS assumes that the input waveform is periodic with a period of N (number of samples). This is observed in table (3.1).

MITOCW ocw-18-085-f08-lec36_300k The following content is provided under a Creative Commons license. Your support will help MIT OpenCourseWare continue to offer high-quality educational resources for free.

A Comparison of Superheterodyne to Quadrature Down Conversion Tony Manicone, Vanteon Corporation There are many different system architectures which can be used in the design of High Frequency wideband

Chapter 2: Digitization of Sound Acoustics pressure waves are converted to electrical signals by use of a microphone. The output signal from the microphone is an analog signal, i.e., a continuous-valued

Wideband Spectral Measurement Using Time-Gated Acquisition Implemented on a User-Programmable FPGA By Raajit Lall, Abhishek Rao, Sandeep Hari, and Vinay Kumar Spectral measurements for some of the Multiple

In this lecture, I will introduce the mathematical model for discrete time signals as sequence of samples. You will also take a first look at a useful alternative representation of discrete signals known

6.2 Modular Arithmetic Every reader is familiar with arithmetic from the time they are three or four years old. It is the study of numbers and various ways in which we can combine them, such as through

MITOCW R9. Rolling Hashes, Amortized Analysis The following content is provided under a Creative Commons license. Your support will help MIT OpenCourseWare continue to offer high quality educational resources

Multirate DSP, part 3: ADC oversampling Li Tan - May 04, 2008 Order this book today at www.elsevierdirect.com or by calling 1-800-545-2522 and receive an additional 20% discount. Use promotion code 92562

Lab 1.2 Joystick Interface Lab 1.0 + 1.1 PWM Software/Hardware Design (recap) The previous labs in the 1.x series put you through the following progression: Lab 1.0 You learnt some theory behind how one

Keeping s One of the most important concerns with using modern technology is how to keep your s. For instance, you wouldn t want anyone to intercept your emails and read them or to listen to your mobile

2. TELECOMMUNICATIONS BASICS The purpose of any telecommunications system is to transfer information from the sender to the receiver by a means of a communication channel. The information is carried by

TU Dresden uses National Instruments Platform for 5G Research Wireless consumers insatiable demand for bandwidth has spurred unprecedented levels of investment from public and private sectors to explore

Radio Receiver Architectures and Analysis Robert Wilson December 6, 01 Abstract This article discusses some common receiver architectures and analyzes some of the impairments that apply to each. 1 Contents

Spectrum Analysis: The FFT Display Equipment: Capstone, voltage sensor 1 Introduction It is often useful to represent a function by a series expansion, such as a Taylor series. There are other series representations

Spread Spectrum: Definition refers to the expansion of signal bandwidth, by several orders of magnitude in some cases, which occurs when a key is attached to the communication channel an RF communications

Wireless Network Security and Data Reliability A Technical Note Background Wireless technology is becoming a popular choice for automating various types of industrial processes and applications. The benefits

Developing a Generic Software-Defined Radar Transmitter using GNU Radio A thesis submitted in partial fulfilment of the requirements for the degree of Master of Sciences (Defence Signal Information Processing)

CHAPTER 1 CHAPTER Conventional delta-sigma modulators 1.0 This Chapter presents the traditional first- and second-order DSM. The main sources for non-ideal operation are described together with some commonly

SOME EXAMPLES FROM INFORMATION THEORY (AFTER C. SHANNON). 1. Some easy problems. 1.1. Guessing a number. Someone chose a number x between 1 and N. You are allowed to ask questions: Is this number larger

The Filter Wizard issue 37: Perfect Pseudo-Differential Input ADCs Kendall Castor-Perry In this column, the Filter Wizard discusses a practical application of the time realignment filtering technique described

CSE 461 Bits and Links David Wetherall djw@cs.washington.edu Topic How do we send a message across a wire or wireless link? The physical/link layers: 1. Different kinds of media 2. Fundamental limits 3.

Page 1 of 7 Fundamentals Introduction e-pate technology is the next generation of long range RFID (Radio Frequency IDentification). The objective is wireless and automated data collection of vehicles and

How to drive the LTC2387 ( part I ) Signal Applications to 5 MHz that require low inter-modulation distortion The biggest challenge in driving a 15 Msps, 18 bit ADC with an 8Vp-p input range is the lack

The Digital Front-End Bridge Between RFand Baseband-Processing Tim Hentschel and Gerhard Fettweis - Dresden University of Technology - 1 Introduction 1.1 The front-end of a digital transceiver The first

Combinatorics: The Fine Art of Counting Week Four Solutions 1. An ice-cream store specializes in super-sized deserts. Their must famous is the quad-cone which has 4 scoops of ice-cream stacked one on top

C HAPTER 1 Engineering the Power Delivery Network 1.1 What Is the Power Delivery Network (PDN) and Why Should I Care? The power delivery network consists of all the interconnects in the power supply path

Spectrum Analysis Introduction Why measure a spectra? In electrical engineering we are most often interested how a signal develops over time. For this time-domain measurement we use the Oscilloscope. Like

Algorithm and Experimentation of Frequency Hopping, Band Hopping, and Transmission Band Selection Using a Cognitive Radio Test Bed Hasan Shahid Stevens Institute of Technology Hoboken, NJ, United States

GRPH THEORETICL PPROCH TO SOLVING SCRMLE SQURES PUZZLES SRH MSON ND MLI ZHNG bstract. Scramble Squares puzzle is made up of nine square pieces such that each edge of each piece contains half of an image.

Permutations and Combinations Introduction Permutations and combinations refer to number of ways of selecting a number of distinct objects from a set of distinct objects. Permutations are ordered selections;

1. Introduction 12: PRELAB: INTERFERENCE As you have seen in your studies of standing waves, a wave and its reflection can add together constructively (peak meets peak, giving large amplitude) or destructively